ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
21,836 Commits 589 Branches 805 Tags
dfd5f3b388d5720ec29aba87d8af334f59ed6840
Commit Graph

1340 Commits

Author SHA1 Message Date
Tinderbox User
dfd5f3b388 update copyright notice 2014-01-18 23:46:13 +00:00
Evan Hunt
12bf5d4796 [master] address several issues with native pkcs11 2014-01-18 11:51:07 -08:00
Tinderbox User
c0682c2367 update copyright notice 2014-01-17 23:46:32 +00:00
Francis Dupont
e02659b241 applied emacs filled-paragraph (ESC-q) to reindent SUBDIRS 2014-01-17 14:14:30 +01:00
Tinderbox User
1633aead67 update copyright notice 2014-01-16 23:46:28 +00:00
Mark Andrews
db8938c993 3710. [bug] Address double dns_zone_detach when switching to 
using automatic empty zones from regular zones.
                        [RT #35177]
 2014-01-17 10:04:16 +11:00
Evan Hunt
5760095601 [master] skip xfer test with Net::DNS 0.73 2014-01-16 09:50:23 -08:00
Francis Dupont
6080262ffe add iscpk11 dep in lwresd system test 2014-01-16 16:06:04 +01:00
Mark Andrews
e20788e121 update copyrights 2014-01-16 15:19:24 +11:00
Tinderbox User
bf0266f286 update copyright notice 2014-01-14 23:46:22 +00:00
Evan Hunt
ba751492fc [master] native PKCS#11 support 
3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]
 2014-01-14 15:40:56 -08:00
Mark Andrews
07fb9b8330 3704. [protocol] Accept integer timestamps in RRSIG records. [RT #35185] 2014-01-14 16:12:30 +11:00
Tinderbox User
2cf1d5b098 update copyright notice 2014-01-12 23:46:23 +00:00
Mark Andrews
fb756ba304 3703. [func] Prefetch about to expire records if they are queried 
for, see prefetch option for details. [RT #35041]
 2014-01-12 21:29:15 +11:00
Tinderbox User
f70a10508f update copyright notice 2014-01-11 23:46:17 +00:00
Evan Hunt
7d2b185f16 [master] new dnssec-coverage options 
3702.	[func]		'dnssec-coverage -l' option specifies a length
			of time to check for coverage; events further into
			the future are ignored.  'dnssec-coverage -z'
			checks only ZSK events, and 'dnssec-coverage -k'
			checks only KSK events.  (Thanks to Peter Palfrader.)
			[RT #35168]
 2014-01-10 17:53:21 -08:00
Mark Andrews
a7c412f37c update copyrights 2014-01-11 07:07:56 +11:00
Mark Andrews
ff6de396a9 3701. [func] named-checkconf can now suppress the printing of 
shared secrets by specifying '-x'. [RT #34465]
 2014-01-10 16:56:36 +11:00
Tinderbox User
431a83fb29 update copyright notice 2014-01-09 23:46:35 +00:00
Mark Andrews
d4eb30fa2d stop spamming system logs 2014-01-09 16:23:40 +11:00
Tinderbox User
e8914b47a2 update copyright notice 2014-01-05 23:46:12 +00:00
Mark Andrews
e9649ece3b 3696. [bug] dig failed to handle AXFR style IXFR responses which 
span multiple messages. [RT #35137]
 2014-01-06 06:22:30 +11:00
Tinderbox User
9c61ab2c99 update copyright notice 2013-12-21 23:46:16 +00:00
Evan Hunt
c14ba71070 [master] warn if key-directory doesn't exist 
3694.	[bug]		Warn when a key-directory is configured for a zone,
			but does not exist or is not a directory. [RT #35109]
 2013-12-20 14:57:03 -08:00
Tinderbox User
7c329be7c0 update copyright notice 2013-12-15 23:46:14 +00:00
Tinderbox User
eade480b33 update copyright notice 2013-12-13 23:46:17 +00:00
Evan Hunt
0606c47750 [master] correct dispatch address/port check 
3690.	[bug]		Iterative responses could be missed when the source
			port for an upstream query was the same as the
			listener port (53). [RT #34925]
 2013-12-12 22:39:12 -08:00
Evan Hunt
9b895f30f1 [master] fix insecure delegation across static-stub zones 
3689.	[bug]		Fixed a bug causing an insecure delegation from one
			static-stub zone to another to fail with a broken
			trust chain. [RT #35081]
 2013-12-12 22:19:33 -08:00
Tinderbox User
de77dcc2c1 update copyright notice 2013-12-11 23:47:38 +00:00
Evan Hunt
4e1d84a33c typo 2013-12-11 14:00:07 -08:00
Evan Hunt
0bbe3273a2 [master] dnssec-signzone -Q 
3686.	[func]		"dnssec-signzone -Q" drops signatures from keys
			that are still published but no longer active.
			[RT #34990]
 2013-12-11 13:25:21 -08:00
Tinderbox User
79812068ff update copyright notice 2013-12-06 23:47:28 +00:00
Mark Andrews
7d65cbaca0 3684. [bug] The list of included files would grow on reload. 
[RT 35090]
 2013-12-07 09:44:45 +11:00
Curtis Blackburn
8009525601 3682. [bug] Correct the behavior of rndc retransfer to allow 
inline-signing slave zones to retain NSEC3 parameters instead of
			reverting to NSEC [RT #34745]
 2013-12-04 12:26:20 -06:00
Evan Hunt
d999ca28d4 [master] check hint files in named-checkconf -z 
3676.	[bug]		"named-checkconf -z" now checks zones of type
			hint and redirect as well as master. [RT #35046]
 2013-11-25 12:26:53 -08:00
Mark Andrews
225146b2c8 3674. [bug] RPZ zeroed ttls if the query type was '*'. [RT #35026] 2013-11-18 11:22:59 +11:00
Mark Andrews
ced4f794cf check expected responses 2013-11-15 13:22:48 +11:00
Mark Andrews
3ac9ef6a6d move forwarder server to 10.53.0.5 2013-11-15 13:16:51 +11:00
Tinderbox User
432d8fa3b4 update copyright notice 2013-11-14 23:46:24 +00:00
Evan Hunt
434bfc3dfa [master] "in-view" zone option 
3673.	[func]		New "in-view" zone option allows direct sharing
			of zones between views. [RT #32968]
 2013-11-13 20:35:40 -08:00
Evan Hunt
0618287859 [master] allow setting local addr in dns_client 
3672.	[func]		Local address can now be specified when using
			dns_client API. [RT #34811]
 2013-11-13 10:52:22 -08:00
Mark Andrews
c4004ada2a adjust sync point 2013-11-13 15:44:54 +11:00
Mark Andrews
6b0434299b 3671. [bug] Don't allow dnssec-importkey overwrite a existing 
non-imported private key.
 2013-11-13 12:01:09 +11:00
Mark Andrews
015f044f7f remove copyright noticed 2013-11-09 13:55:49 +11:00
Tinderbox User
97c299486a update copyright notice 2013-11-08 23:46:19 +00:00
Mark Andrews
2048955015 3667. [func] dig: add support to keep the TCP socket open between 
successive queries (+[no]keepopen).  [RT #34918]
 2013-11-07 10:50:01 +11:00
Mark Andrews
49c1e0d18d 3666. [func] Add a tool, named-rrchecker, for checking the syntax 
of individual resource records.  This tool is intended
                        to be called by provisioning systems so that the front
                        end does not need to be upgraded to support new DNS
                        record types. [RT #34778]
 2013-11-07 10:41:47 +11:00
Mark Andrews
50c67f588e remove blank 
(cherry picked from commit 75aa3c6f2ada5dcc657d0858ee4544c7997d9840)
 2013-09-23 09:47:30 +10:00
Mark Andrews
9fa2a0deed 3652. [bug] Address bug with rpz-drop policy. [RT #34816] 2013-09-21 17:27:43 +10:00
Tinderbox User
bcbb556868 update copyright notice 2013-09-19 23:46:20 +00:00